NEXO Mastercard® card (the “Card”) and the additional services specified herein (together with the Card, referred to herafter as the “Services”) are developed and provided by DiPocket UAB (“DiPocket”) for Nexo Services UAB, registered in the Republic of Lithuania (company number 305743053) at Gedimino ave. 44A-201, Vilnius, the Republic of Lithuania (“Client”) under its electronic money institution license. Unless indicated otherwise, any action attributed or directed to NEXO hereto shall be construed as, respectively, performed by or directed to DiPocket.
These terms and conditions (“General Terms and Conditions”), the Card Terms and Conditions – if they were attached to or distributed with the Card (“Card Terms and Conditions”), the Tariff Table (“Tariff Table”) and the Limits Table (“Limits Table”), together referred to as the Agreement (“Agreement”), are applicable upon your acceptance of the Agreement. In case of any contradiction between the General Terms and Conditions and the Card Terms and Conditions, the Card Terms and Conditions shall prevail.
You may access a copy of the Agreement at any time by visiting nexo.io (the “Website”) or using the Nexo mobile application (the “App”).
By accepting this Agreement (which shall be done electronically following instructions provided in the App or the Website), you confirm that you had sufficient time to read and acquaint yourself with the Agreement, understood it and agree to comply with the provisions set therein. In case you do not understand or do not agree to specific provisions of the Agreement, you shall not conclude the Agreement or shall express your question and/or disagreement in writing by sending us a notice to the e-mail address indicated below in this Agreement, so that we can clarify and discuss particular provisions of the Agreement with respect to which you have expressed your questions and/or disagreement. For the avoidance of doubt, not all functionality described in the Agreement may be available for your Account. In case of doubt you shall contact us prior to accepting the Agreement.
DiPocket is a Financial Institution authorized and regulated by the Lithuanian financial supervisory authority - the Bank of Lithuania, which is located at: at Gedimino avenue 6, LT-01103, Vilnius, the Republic of Lithuania, telephone No. +370 800 50 500. Further details of the Bank of Lithuania are available at its official website: https://www.lb.lt/en/. DiPocket operates on the basis of the E-Money Institution License (Number 75) issued in the Republic of Lithuania on November 10, 2020. The electronic money institution license authorizes DiPocket to provide services that are listed in the license. The license may be found following the link: https://www.lb.lt/lt/frd-licencijos/view_license?id=1985.
DiPocket’s legal entity code is: 305599375, registered address is: Upės str. 23, 08128, Vilnius, the Republic of Lithuania (the “Address”). You can also contact DiPocket via e-mail: firstname.lastname@example.org, or telephone number: +370 5 2084858.
As an E-Money Institution DiPocket can receive and hold customer funds and process payments upon a customer’s request. DiPocket holds customer funds in segregated accounts held with banks operating in the EEA and with the Bank of Lithuania, meaning customer funds are segregated from DiPocket’s own funds. However, your funds entrusted to us are not covered by Lithuanian deposit insurance scheme www.iidraudimas.lt/en/.
DiPocket is a Principal Member of Mastercard® Inc.
The language of communication with reference to the Agreeent and the Services is English or Lithuanian, the choice of which will be yours.
The Agreement is governed by Lithuanian law (and the same law will apply to establishing our relationship). Any legal terms implied by law will also apply to the Agreement. Rights and duties related to the provision of Services that are not discussed under this Agreement shall be regulated by the Law on Payments of the Republic of Lithuania. Any dispute arising out of the Agreement between you and DiPocket (the “Parties”), which we are unable to resolve to the Parties’ joint satisfaction through our complaint procedure, shall be settled by the Courts of the Republic of Lithuania.
Registering as a Customer (the “Customer”)
To register as a Customer and open your personal account with NEXO (the “Account”) you must be aged at least 18 and be a EEA or UK citizen.
If you received or requested the Card from a third party provider to whom you have provided the information required to register as a Customer, and the consent to share such information with us, you may be already registered upon receiving the Card. By setting up the Personalised Security Features (defined below) and using the Card, you confirm your intent to register as a Customer and your agreement with the terms of the Agreement.
By law, we must check your identity prior to registering you as a Customer, and we do this based on the information you provide to us during the registration process.
If we are unable to confirm your identity and/or any relevant registration information based on the information provided, we are entitled to ask for any further evidence of your identity and to ask you to hold a short live phone interaction with our operators and/or carry out such further checks as it deems necessary to establish your identity. If we are unable to do this, we may refuse to serve you or enable the extra functionality reserved to registered Customers and/or inform the appropriate authorities without your knowledge or consent. We will register you only if the results of the KYC process allow us to on-board you as a Customer.
As part of your eligibility to use a DiPocket account, you agree and confirm that you are an individual acting solely on your own behalf, in an individual capacity, and you are not acting in a business capacity or for any other commercial purpose. Furthermore, it is not permitted to use the Account:
If you give us false or inaccurate information and/or we identify fraud, we will record this with fraud prevention agencies, including but not limited to the Bank of Lithuania, the Financial Crime Investigation Unit of the Republic of Lithuania and other competent institutions, including law enforcement as the case may be. Law enforcement agencies may access and use this information. The fraud prevention agencies will share records with other organisations. We and other organisations may access and use the information recorded by fraud prevention agencies across borders. We may also block or cancel your Card and terminate the Agreement.
We carefully safeguard your personal data (the “Personal Information”) and, in particular, we are responsible for the security of sensitive cardholder data we process and transmit on your behalf, such as name, surname, personal identification number, date of birth, address, e-mail address, telephone number, facial image, live video recording, identity document data and a copy of the document, transaction data, PAN, expiry date, CVV, payment account number, IP address, citizenship, employment, public office, other applicable data required by money laundering and terrorist financing prevention legislation. DiPocket is the data controller of your Personal Information that you provide to us. If you wish to contact us about the processing of your Personal Information, please contact our Data Protection Officer at DPO@dipocket.org. Subject to your explicit consent, we may transfer your Personal Information to third parties, also explaining the intended use of the transferred Personal Information. When you provide your consent to such transfer, the specified third party becomes the Data Controller of the Personal Information we transfer to them. You can withdraw your consent at any time using the App or the Website.
Your Personal Information will be processed for the purposes described in the Agreement, including for contractual reasons, in order to provide you with the Services e.g. to produce cards for use with the Account and to provide you with Account-related communications, for purposes where we have a legal right or a legal obligation including for tax and accounting reasons, or for fraud and money laundering detection and for marketing where you consent to this.
You have a right of access to your Personal Information and you can correct (rectify) that Personal Information at any time.
We will process the Personal Information which you provided to us during the registration process. The Personal Information you provide at registration is both a statutory requirement and necessary for us to enter into the Agreement. Providing your Personal Information to us is voluntary; if you do not provide us with the necessary information and documents, we will not be able to perform the Services. You have a right to ask us to restrict processing or to erase your Personal Information and where you make this request we will apply your instructions to any third parties who are processing your Personal Information on our behalf, and we will consider your request in the light of our legitimate interests. Where a request to erase Personal Information is received on behalf of a minor, we will take extra care to consider the impact on them of any decision we make.
You also have a right to object to the processing of your Personal Information, provided it is processed based on public interest or our legitimate interests. Furthermore, you may also ask us to provide your Personal Information in machine-readable form back to you, for onward sharing with another data controller or to provide this data to a third party for their use, at your direction.
Where you have given us your explicit consent for the processing of Personal Information, you also have the right to withdraw this consent at any time by contacting us at DPO@dipocket.org. However, such withdrawal will not affect the lawfulness of the processing carried out before the withdrawal was submitted.
If you feel your rights and freedoms in relation to processing your Personal Information have been infringed in any way, please let us know so that we can attempt to resolve the issue. The Personal Information also comes from your usage of the Card, including information about payments you make or receive, and from your other interactions with us, for example through social media, and, if it is compliant with the applicable law, from third parties such as credit reference agencies (who may check the Personal Information against other databases – public or private – to which they have access) or fraud prevention agencies.
Subject to your consent, we may also monitor or record telephone calls between you and us or capture images or video recordings during our interactions. We will use these recordings for risk management and fraud prevention purposes, to check your instructions to us, and for training and quality purposes.
If you give us Personal Information about other people including minors which we use to provide the Services, then you confirm that (i) you have ensured that they agree to our holding and use of that data or that you are otherwise allowed to give us this Information and consent on their behalf to our holding and use of it, and (ii) you have provided them with all the Information contained in this Policy, regarding the processing of personal data as required under the applicable law.
If you cancel or we decline your registration or you decide not to go ahead with it, we will keep the Personal Information for as long as we are allowed to under applicable law and for legitimate business purposes, to help prevent fraud and other financial crime, and for other legal and regulatory reasons:
If the Personal Information is no longer required for the abovementioned reasons, we will delete it.
If you wish to obtain a confirmation as to whether or not Personal Information concerning you is being processed by us, you can request a free copy of it by requesting this at DPO@dipocket.org.
According to art. 13.2 (d) of General Data Protection Regulation (2016/679) you also have a right to lodge a complaint with your national Data Protection Authority.
How we use the Personal Information
We use the Personal Information for security, identity verification, to communicate with you and to comply with the law.
Specifically, if it is compliant under the applicable law, we and other DiPocket Group companies may use the Personal Information to pursue our legitimate interests:
We will never pass the Personal Information to a third party for them to use in their own direct marketing without your consent.
Who we can share the Personal Information with
We will keep the Personal Information confidential but we may share it with other entities (who are also bound to keep it secure and confidential) if we have a duty to disclose it, if it is required for the provision of our Services to you, or for legitimate purposes including business purposes and where your rights or freedoms are not infringed. Where we rely upon ‘legitimate purposes’ as a justification for our processing of the Personal Information, we will carry out an assessment, called a ‘Legitimate Interests Assessment’ and keep a record of it.
In particular, if this is compliant with applicable law, we may share the Personal Information with:
Transfer of Personal Information
We may process the Personal Information abroad, within or outside the European Union, provided we comply with the applicable laws and regulations. Where we are sharing the Personal Information with organisations outside of the EEA, we will ensure they agree to apply equivalent levels of protection as we do. We use legal mechanisms, such as standard contractual clauses as indicated in General Data Protection Regulation (2016/679) art. 46 to implement the cross-border transfer of your personal data; or implement security measures like anonymization on the data before the cross border data transfer. For any inquiries on means that safeguards data transfer outside EU please contact us at DPO@dipocket.org.
We will transfer data to any entity who you authorise us to share information about your Account with, provided they are listed as a suitably authorised entity at the time of your request. We will rely upon your instructions to the third party to access your account information from us, as evidence of your consent to share your data.
Requirement to update your Personal Information
You must notify us immediately of any and all data and circumstances that have changed with regard to the data set out in the Agreement, or the documents submitted to us (e.g. changes in personal or contact details, residency or tax residency, loss or theft or other reason for change of an identity document) as well as of any and all circumstances that may affect the fulfilment of your obligations towards us (e.g. commencement of bankruptcy procedures of a natural person). We may request documentary evidence of the changes, which you must provide. This notification obligation applies even if the above changes have been made public (e.g. registered in a public register or published through the mass media). If you fail to fulfil the notification obligation, DiPocket is entitled to assume the correctness of the data at DiPocket’s disposal, unless otherwise prescribed in the jurisdiction of your residency.
Notices and exchange of information
We may provide you with all information electronically via the Website, App, e-mail or mobile phone, unless otherwise established in the applicable laws. We are entitled to use third-party services for processing or delivering electronic notices and information to you.
If, in accordance with the applicable laws and/or this Agreement, you have the right to terminate the Agreement, you shall send the termination notification to email@example.com.
Unless otherwise stipulated by the applicable laws, any notice given by DiPocket must be considered to have been received if sent by e-mail or via the App or other electronic means of communication, on the day of technical dispatch.
The Card is a Mastercard bearer debit card. It is valid until its expiry date, which is visible on the front of the Card – or on the Card image accessible online for virtual cards and payment bands.
To activate plastic cards please follow the instructions provided with the Card. Also, you must:
You can use it at all locations that display the Mastercard Acceptance Mark: for purchases in physical stores – including contactless, and at automated teller machines (“ATM”) for cash withdrawals as well as for online and telephone purchases. You can also enrol it in Apple Pay and Google Pay. It allows you to receive cash-back when making purchases in physical stores, however it cannot be used for other cash transactions such as withdrawing cash from a bank and purchasing traveller’s cheques or foreign exchange from a bureau de change. Limits and fees apply.
The Card is automatically registered for Mastercard Identity Check, to enhance security. When using your Card for online purchases, you may be required to enter on the merchant site a code (the “Code”) that will be sent to your mobile phone number or to authorise a transaction via the App.
In so far as this is not a result of our negligence, we will not be responsible nor liable for a retailer’s failure to or delay in accepting your Card nor for an ATM failing to issue cash. In these circumstances, we will not be liable for the way in which you are told about any refusal or delay.
All transactions require authorisation. Authorisation is also your instruction for us to carry out a transaction. We will not normally authorise a transaction if the balance on your Card is insufficient to cover the transaction and any related transaction fee. If, for any reason whatsoever, you are able to make a transaction when there are insufficient funds on your Card (the “Shortfall”), we will seek reimbursement of the Shortfall from you immediately. You may ask us to provide you with information about transactions for up to 5 years from the date of the transaction.
For a contactless transaction:
(a) below the limit applicable in the country where you are using the Card (“Contactless Limit”), which is outside the control of DiPocket, a transaction is deemed authorized upon transmission of the details of the Card that are required to execute the transaction, by placing the Card in the proximity of the device that allows for reading the data saved in the Card contactless module; and
(b) In excess of the Contactless Limit, the transaction is deemed authorized by entry of the PIN number on the acceptance terminal. Please note that in certain countries contactless transactions with PIN are not available.
In so far as this is not a result of our negligence, we are not obligated to authorise a transaction where a system problem occurs or events outside our reasonable control arise. In addition to that we are not obligated to authorise a transaction where we are concerned about misuse of your Card. We shall not be liable to you when a transaction is not authorised in these circumstances and/or if we cancel or suspend use of your Card.
If your Card is lost or stolen, or someone else finds out the PIN, or if you think your Card, card number, or PIN may be misused, you must:
We will block or restrict your Card or PIN on justified grounds relating to:
A Card transaction will be regarded as authorised by you when you authorise the transaction by following the instructions provided by the merchant, retailer or ATM, which may include:
When we suspect there may be an attempt to use your Card fraudulently, we may ask you to confirm a transaction prior to or after authorising it.
Authorisation for a transaction may not be withdrawn or revoked by you.
You may demand from us the return of the amount of an authorized transaction initiated by or via the recipient, if such transaction was already executed while:
(a) the amount of the transaction was not determined precisely when it was being authorized; and
(b) the amount of the transaction is higher than the amount you could expect, taking account of the type and value of previous transactions, provisions of the Agreement and any significant circumstances of the case.
You may request such refund within 8 weeks from the date of the transaction.
Using the Card in foreign currencies
If you make a payment with your Card in a currency different from the currency of the Card, the amounts will be converted by Mastercard on the date they process the transaction, using the exchange rate they use for all such currency conversions. This means the rate of exchange may differ from the rate on the date you made the card payment, if the payment is processed by the card scheme after that date. The foreign exchange rate used by Mastercard can be found on www.mastercard.co.uk/en-gb/consumers/get-support/convert-currency.html. We also charge a fee based on the payment amount, as shown in the Tariff Table.
Card terminals may offer you the option of seeing the payment amount or withdrawal in the currency of your Card or in a currency other than the cash withdrawal or purchase currency, and allow you to choose to pay that amount in that currency. The exchange rate used for this will generally be provided by the operator of the terminal or ATM, so it won’t be under our control and won’t be covered by our Tariff Table. Please check the exchange rate at the ATM, the terminal or with the respective operator before authorizing the transaction.
As soon as practical after you make a Card transaction in foreign currency we will display as part of the transaction information we provide in the App or the Website, details of the amount of the conversion to the currency of your Card and how the exchange rate applied by us compares to reference rates published by the European Central Bank.
You may only use the DiPocket account to make purchases of goods and services, and to receive and send funds in accordance with applicable legislation and this Agreement.
If we have reasonable cause to believe that you have violated the requirements of this Agreement or applicable legislation, DiPocket may take measures to protect itself, its customers or third parties. In this case, DiPocket may, amongst other things, do the following:
You must keep safe at all time your Card details – including PAN (the 16 digits number displayed on the front of the Card), expiry date, CVV (the 3 digits number, displayed on the back of the Card), PIN (Personal Identification Number), and any passwords and devices you use to access security details of the Card and/or Account by any method (together the “Personalised Security Features”). This also includes any Card details in e-wallets, on retailer’s websites or on devices such as mobile phones. If you have registered a Card on a device or within an e-wallet this will include passwords and security processes used to access your device or e-wallet (device ID, passcodes or passwords) and any fingerprints or other biometric or identification methods stored in your device. Please note that not all Personalized Security Features may be applicable to your Card.
We will never contact you to request any of your Personalised Security Features and we will not ask anyone else to do so on our behalf. If you receive such a request it is likely to be fraudulent and you must not supply any of your Personalised Security Features in any circumstances. You should report any such activity to us immediately. Treat emails received from senders claiming to be us with caution and be wary of emails asking you for any Personalised Security Features.
When you call us we may need to identify you, depending on the nature of your query. We may do this by asking for certain information (such as answers to questions) known only to you and requesting random digits of certain passcodes or passwords, but we would never ask you for a full PIN or passcode. You must not give these to anyone who asks for them, even if that person appears to be an official.
You are responsible for the quality, safety, legality or any other aspect of any goods or services that you buy with your Card. Any disputes about purchases or payments made with the Card must be settled with the goods or service provider concerned.
If you become aware of the loss, theft or misappropriation of your Card or of its unauthorized use, call us straight away on +370 5 2084858.
To view your available balance and transaction history please visit the Website or use the App, if available. By accepting the General Terms and Conditions you specifically agree not to receive paper statements.
Upon your request DiPocket will provide additional statements and/or transaction records, on paper or otherwise. You may ask us to provide you with information about transactions for up to 5 years from the date of the transaction, even after termination of the Agreement, and we will provide it to you free of charge in electronic form, as well as paper form if you so wish. Fees may apply in case you ask us for information more often than twice a month, however, only to the extent of our incurred costs.
You must pay all relevant fees for the Services. The applicable fees are established in the Tariff Table which is available on the Website.
Fees and other amounts payable by you shall be debited to the Account, unless otherwise specified in the Tariff Table.
If there are no funds on the Account or if the funds are insufficient to cover the fees, other claims and your debts arising from the Agreement, we are entitled to suspend provision of the Services to you until such fees and indebtedness are covered. Notwithstanding the above, we will only charge applicable monthly fees until there is a positive balance on the Account and we will not charge uncollected monthly fees retroactively.
We shall notify you of changes of the fees in the Tariff Table with 60 days’ prior notice, following the same procedure as provided in section “Changes to the Agreement” below.
If you suffer loss because of an unauthorised transaction occurring as a result of:
the most you will have to pay is EUR 50 for each instance of loss, theft or misappropriation, converted to Card or Account currency using the average Bank of Lithuania exchange rate on the day of the conversion if the Card is not issued in EUR.
Where you have either deliberately or with gross negligence:
the above limitation of liability to EUR 50 will not apply to any loss incurred prior to notifying us of the issue.
If we can show that you have acted fraudulently in incurring a loss as a result of an unauthorised transaction, you may not benefit from any of the liability limitations set out above.
You have 13 months to notify us of an unauthorised, non-executed or incorrectly executed transaction. Provided you notify us within this timeframe and the payment was unauthorised, non-executed or incorrectly executed, we will immediately, as appropriate and in accordance with our regulatory obligations, refund the amount of the transaction to your Account. In case of errors or disputes about transactions, contact us via dipocket.org/en/contact or call us straight away on +370 5 2084858.
If your Card is used without your permission, or is lost, stolen or if you think your Account may have been misused, we may ask you to write us within seven days to confirm the loss, theft or possible misuse at the Address. We may disclose to law enforcement agencies any information which we reasonably believe may be relevant.
If you believe you have been tricked into transferring money to the account of someone you don’t know or have transferred money in good faith from your Account but have not received the goods or services contracted for (the “Authorised Push Payment scams”), you can contact us and we will investigate for you and try to recover your money, however we will bear no liability save that which may be imposed upon us by applicable laws and regulations at the time of the Authorised Push Payment scam.
Within the limits permitted under the applicable laws, and subject to the limitations defined in this Agreement, we are liable for due performance of our obligations set out in this Agreement.
You cannot claim a loss or damage from us if:
None of these exceptions will apply, and nothing else in the Agreement will stop us being liable, if:
We can change the Agreement in the circumstances listed below.
Provided we give you 60 days’ notice, we can change any part of the Agreement, only to the extent necessary, if at least one of the below material circumstances occurs:
save that the amendment of the Agreement will be effected solely within the scope and direction arising from the reason that has occurred and no later than within 1 month from the occurrence of a prerequisite for such change.
If you are not happy with the change, you can either:
If you do not end the Agreement by taking the steps above, you will be deemed to have accepted the changes after the end of the 60 days’ notice.
DiPocket may assign its rights or obligations under this Agreement to an associated company at any time, provided we give you not less than one month’s notice and without requiring your specific consent. If you object to the assignment you can cancel your Card and end the Agreement without any charges, so that the Agreement will cease on the day before the date of assignment. You may not assign your rights or obligations under this Agreement.
The Agreement expires on the Card expiry date unless, prior to expiry, we issue a replacement Card in accordance with our Card reissue policy as specified in the Card Terms and Conditions, provided however that we may send you a replacement card prior to the Card expiry date free of charge and with no obligation for you to continue to use the Services.
Whilst a Card remains unexpired or for Accounts without Cards, the Agreement will be of indefinite duration and will continue unless terminated at any time by you, or by us in accordance with the processes set out below.
Unless the Card Terms and Conditions specify otherwise, if we do not send you a replacement card prior to the Card expiry date the Card expiry will result in termination of the Agreement, after which access to the Account may be limited and the remaining funds will only be available for redemption.
When you can cancel the Services
If you wish to, you can cancel the Services at any time.
In addition, as a consumer, you have a period of 14 days from the date you have concluded the Agreement to tell us that you would like to withdraw from it, without giving any reason, and without incurring any charges or fees other than for the Services commenced upon your request or Services already provided. If you withdraw from the Agreement, the Agreement is considered not concluded.
When we can cancel the Services
We may end the Agreement immediately (and cancel your Card) if we have reasonable grounds for thinking that you have done any of the following things, which you must not do:
We can also end the Agreement immediately and cancel the Services if:
If you are unhappy in any way with your Card or the Services, or if you experience any problem, please contact us. Complaints may be submitted as follows:
In the claim, you will need to specify:
- name and surname, or company name;
- applicant’s contacts: phone number, address, and e-mail address associated with your account;
- what the issue is;
- when the problem arose;
- what remedies you would like us to apply; and
- available documents relating to the claim.
If incomplete, unreadable, or unclear information is provided in the claim (complaint), we may request to clarify the information.
We acknowledge all complaints, without any exceptions, including those regarding our personnel. We strive to acknowledge all complaints received within 24 hours of receipt. If a complaint is received during a bank holiday or weekend period, the complaint will be acknowledged within 24 hours of the return to work of staff, i.e., if a complaint is received by e-mail on a Sunday, it will be deemed to have been received at 9 a.m. on the following Monday.
If it is not possible to respond with a detailed, substantive reply within 24 hours of receipt of the complaint, further communication will be provided within 5 Business Days. We will send our final response within 15 Business Days. In exceptional cases where it is not possible to respond within 15 Business days, we may extend the deadline for submitting a final response to you to 35 Business days, but we will inform you of this, stating the reasons for the extension.
A response to the Client shall be provided via the same channel the complaint has been received unless otherwise indicated by you.
Handling of complaints is free of charge. The Parties agree that complaints shall be submitted, handled, and responded to in Lithuanian or English.
Should you not be satisfied with the final response of DiPocket, or should we fail to respond to you within 15 Business Days, or 35 Business days respectively, from receiving the claim, you have the right to raise a dispute or a complaint to the Bank of Lithuania within 1 year of the date you sent us your complaint:
Examination of the complaint at the Bank of Lithuania is free of charge.
You have the right to apply to the Bank of Lithuania or directly to the court. The court judgment is binding, while the decision of the Bank of Lithuania is recommendatory in nature, non-binding to both parties, and cannot be appealed. Nevertheless, even when the Bank of Lithuania has taken a decision, the parties to a dispute retain the right to apply to court.
Decisions regarding the subject matter of a dispute are public and published on the Bank of Lithuania website (in Lithuanian), without prejudice to the requirements for the security of personal data, state, office, commercial, bank, professional and other secrets protected by laws, as well as the consumer’s right to privacy.